The homeopathic approach to fixing loopholes

Paul Raven @ 10-01-2011

Here’s an interesting minor story which throws a light on matters far larger: someone discovers a software glitch in casino slot machines that allows him to win big money without any tampering, and he does exactly that, to the alleged tune of US$1.4million. Cue his arrest and trial for “650 felony counts of theft, criminal conspiracy, computer trespassing and other charges” [via TechDirt].

Now, for a start, I have very little sympathy for casinos in general, and that may be colouring my judgement somewhat. But as far as I’m concerned, this guy has done nothing more illegal than picking up money he saw dropped on the floor. Sure, the highest moral ground might have been to return the money to its rightful owners… but when its rightful owners already have a great deal of other money (obtained by exploiting the statistical illiteracy and flawed psychology of the average person), well, let’s just say my cup of sympathy runneth not over.

Moral arguments aside, though, this story is indicative of a common phenomenon wherein the system encourages us to pillory those who take advantage of its flaws but does little to address the flaws themselves. Compare with the current protests here in the UK over big-ticket tax evaders: lots of public shaming of the evaders themselves (which I don’t think is necessarily a bad thing), but comparatively little pushing for fixing the perfectly legitimate (if morally dubious) loopholes that allow it to happen.

The cynic in me suspects a lot of our ire stems from a gut feeling best summed up as “why not me?”, and as such we want to punish the transgressors for getting what we didn’t (or avoiding what we couldn’t). Our discontent is misdirected, and the underlying problem goes unfixed… which ends up serving the interests of those best placed to take advantage of it, who are usually those already holding a handful of aces.

We try to treat the symptoms, but the disease reigns unchecked.


Gross $4,000 a day with Viagra spam

Paul Raven @ 29-09-2009

Ever wonder why the flood of emails plugging funny-shaped blue pills for gentlemen shows no sign of relenting? The simple answer is that enough people keep clicking on them to make it an extremely lucrative business – according to Ars Technica, a detailed trawl of sales ledgers reveals that pharmaceutical affiliate spam networks can pull in $4,000 a day of orders:

Samosseiko discovered a wide-open PHP backend to GlavMed that contained evidence that the company is indeed set up to benefit largely from spammers. This involves e-commerce software for spammers to launch their own GlavMed copies or to simply set up domains that redirect to GlavMed. Additionally, some of the documents Samosseiko discovered were sales records, giving a glimpse into the purchasing behavior of GlavMed’s targets.

According to the sales records from GlavMed, there were apparently more than 20 purchases per day per spam campaign, with GlavMed claiming a 40 percent commission on each sale. With an average purchase of around $200, that adds up to over $4,000 total per day per campaign (or $1,600 for GlavMed).

Those are the sort of figures that would make even the most moral code-monkey think hard about trading in their sysadmin cubicle for the easy life. It’s abundantly clear that no amount of effort is ever going to stop people clicking on spam emails, and while the market is willing to line people’s pockets to the tune of hundreds of dollars a day they’re not going to stop coming… all the while funding other organisations with more nefarious aims and purposes.

This also highlights the problem with nation-states in a networked world restricting certain products and services to their citizens, as recent adventures in attempting to restrict online gambling sites has demonstrated. As geography continues its slide into irrelevance, attempting to ban something that’s openly available anywhere else in the world becomes an exercise in bombastic futility that does little beyond undermining your credibility and authority.

Perhaps opening up legal avenues for the purchase of the more popular and controversial pharmaceuticals is the answer? After all, serious thought is being given to relaxing prohibition on more dangerous drugs as it becomes clear that their restricted availability plays into the hands of criminals… why not make the drugs safer for consumers by controlling quality and distribution, and hobble an easy income stream for the underworld?

That said, there’ll always be something that people want to buy but can’t; I guess it’d be a case of finding where the tipping point between easy profits and risk of operation is. Then all we’ll be left with are dodgy refinancing offers and invitations to see fallen pop stars in the buff…

So, how long is it going to be before I have to lock the comments on this post to block the flood of pingbacks? Place your bets, ladies and gents, place your bets…


AI up the game

Tom James @ 29-06-2009

cardsA fascinating article in the FT magazine over the weekend on the ongoing arms race between those who program the software bots in online gaming rooms, one Martin Smith, and those who play against them:

These are contests that take place on constantly shifting terrain. Smith releases his latest version of a program: it wins for a couple of weeks, then the humans figure out how to beat it and they win for a couple of weeks while Smith goes away and works on his software – algorithms, probability calculations, search techniques – and scratches his head. Then he comes back with a new version of the program that wins for a couple of weeks, while the humans go away and think about it. “We have this ratcheting up,” Smith says. “It’s a very intellectually rewarding thing.”

“There’s a very big difference between computer intelligence and human intelligence. This is clearly indicated in games. Back in the ’70s, it was considered that in order to get computers to play chess like a grandmaster, they had to think like grandmasters. That turned out to be wrong. Computers can play fantastic chess and they don’t do anything remotely like what human grandmasters do.”

It is interesting how the upgraded software eventually becomes beatable after sufficient practice by large groups of humans. It’s also interesting for the insight into what a particular flavour of AI researchers actually spend their time doing.

On the distinction between mind and computers, this article at The New Atlantis makes for an interesting read.

[image from Malcav on flickr]


The future of banking

Tom James @ 01-10-2008

As the current financial crisis unfolds, I’ve been wondering how it will affect me as an individual in the future. Hamish McRae reckons it’ll be like it was in the sixties (but not in a good way 🙁 ):

It is easier in a way to see the situation in a year or two’s time than it is to call the detail of the next few weeks. What we can see is a world where it will be much more difficult to borrow money.

For those who can remember, it will be more like the 1950s and 1960s. Then, if you wanted a mortgage, you had to have built up a deposit in the building society or bank that might lend you the money.

People would open an account with two or three societies and stick as much money as they could in each so that if one would not give them the loan they could try another.

Other interesting speculations on the future of banking can be found in Casino Capitalism, on the BBC’s iPlayer service, available until the 5th of October. One conclusion from that programme is that banks will become more like utility companies, and the idea that banks can be innovative businesses in their own right is wrong – banks should provide basic financial services based on sound risk management (see below).

It’s worth listening to. Also if you haven’t read Charles Stross’ thoughts on the banking crisis, go do so:

…banking is the art and science of risk management. (You have a pot of money. You want to use it to get more money.

Do you lend it to person A, who you figure has a 25% chance of defaulting on the loan but is willing to pay you 1% per month in interest, or person B, who has a 1% chance of defaulting but can only pay you 0.5% per month?

If you picked person B, congratulations: you’re a good banker. If you picked A, you’d better hope there’s a government hand-out in your future.)

[image from Odalaigh on flickr]